Merge pull request #126 from Venafi/VC-31982/svc-account-auth
feat(service-account): Adds support for TLSPC service account
rvelaVenafi authored Apr 6, 2024
2 parents 691d7ef + 122a411 commit 96d3d79
Showing 15 changed files with 248 additions and 148 deletions.
96 changes: 42 additions & 54 deletions CHANGELOG.md
@@ -1,105 +1,93 @@
## 0.19.0 (April 2nd, 2024)
- Added support for service account authentication for Venafi as a Service. Two new attributes have been added
to the provider: `token_url` and `idp_jwt`.
Check [README.md](https://github.com/Venafi/terraform-provider-venafi/blob/master/README.md) for more details.
- Added custom User-Agent to identify API calls made by the provider, in the form: `hashicorp-terraform-by-venafi/x.x.x`
where x is the provider's version.

## 0.18.0 (February 27th, 2024)
Added support for certificate retirement on the related Venafi Platform (TLSPDC and TLSPC). This action will be executed by default when a `Terraform destroy` is executed.
In order to have the ability to keep the previous behavior (the certificate was not going to be retired) it was added the new provider's boolean attribute `skip_retirement`.
- Added support for certificate retirement for both Venafi platforms: Trust Protection Platform and Venafi as a Service.
This action will be executed by default as part of `terraform destroy`. In order to keep previous behavior
(certificate not retired on destroy), a new boolean attribute `skip_retirement` was added to the provider.

## 0.17.2 (October 6th, 2023)
Rolls back the error removal from version v0.17.1
- Rolls back the error removal from version v0.17.1

## 0.17.1 (October 2nd, 2023)
Removes an error thrown during provider configuration. Instead, the error is thrown at resource creation.
This work is necessary to allow the venafi-token provider to successfully manage the tokens of this provider.
- Removes an error thrown during provider configuration. Instead, the error is thrown at resource creation.
This change is necessary to allow the venafi-token provider to successfully manage the tokens of this provider.

## 0.17.0 (September 25, 2023)
Added support for client certificate as authentication method. Two attributes were added for this purpose: p12_cert_filename (filename of the pkcs12 bundle) and p12_cert_password (password of the pkcs12 bundle)
Added support for client_id attribute to allow users to customize which application is requesting tokens
- Added support for client certificate as authentication method. Two attributes were added for this purpose:
`p12_cert_filename` (filename of the pkcs12 bundle) and `p12_cert_password` (password of the pkcs12 bundle).
- Added support for `client_id` attribute to allow users to customize which application is requesting tokens.

## 0.16.1 (October 7, 2022)
Added support for nickname attribute to override certificate object name at TPP.
Fixed a bug that would let a not valid certificate key-pair to be stored in terraform state during resource creation
- Added support for nickname attribute to override certificate object name at Trust Protection Platform.
- Fixed a bug that would let an invalid certificate key-pair to be stored in terraform state during resource creation.

## 0.16.0 (May 16, 2022)
Upgraded plugin to SDKv2
- Upgraded plugin to SDKv2.

## 0.15.5 (April 14, 2022)

Fixed a bug in backward compatibility with PKCS#1 Keys
- Fixed a bug in backward compatibility with PKCS#1 Keys.

## 0.15.4 (April 8, 2022)

Added support for SANs attributes
- Added support for SANs attributes.

## 0.15.3 (March 31, 2022)

Fixed a bug in expiration_window behavior
- Fixed a bug in `expiration_window` behavior.

## 0.15.2 (March 21, 2022)

Resolved issue that prevented provider from being published to Terraform Registry
- Resolved issue that prevented provider from being published to Terraform Registry.

## 0.15.1 (March 18, 2022)

Added support for arm64 processors with Darwin OS.
- Added support for arm64 processors with Darwin OS.

## 0.15.0 (March 14, 2022)

Added support for Certificate importing.
- Added support for certificate importing.

## 0.14.0 (February 8, 2022)

Added support for CSR service generated and retrieval of SSH configuration from template.
- Added support for service-generated certificate signing requests (CSR) and retrieval of SSH configuration from template.

## 0.13.0 (September 10, 2021)

Added venafi_ssh_certificate resource that enables SSH certificate creation with Trust Protection Platform.
- Added venafi_ssh_certificate resource that enables SSH certificate creation with Trust Protection Platform.

## 0.12.0 (June 07, 2021)

Added venafi_policy resource that enables certificate policy management with Trust Protection Platform and Venafi as a Service.
- Added venafi_policy resource that enables certificate policy management with Trust Protection Platform
and Venafi as a Service.

## 0.11.2 (February 24, 2021)

Fixing a bug that broke TPP integrations when the customer's zone is in the "long form" way, that is using the "VED" prefix.
- Fixing a bug that broke Trust Protection Platform integration when the customer's zone uses the "VED" prefix, a.k.a. the "long" format.

## 0.11.1 (February 18, 2021)

Fixing a bug that broke TPP integrations when the customer's zone is more than 2 levels.
- Fixing a bug that broke Trust Protection Platform integration when the customer's zone is more than 2 levels.

## 0.11.0 (February 12, 2021)

Updated Venafi Cloud integration to use OutagePREDICT instead of DevOpsACCELERATE.
- Updated Venafi Cloud integration to use OutagePREDICT instead of DevOpsACCELERATE.

## 0.10.2 (October 22, 2020)

Added support for requesting certificates with specific validity periods.
- Added support for requesting certificates with specific validity periods.

## 0.10.1 (October 7, 2020)

Added support for setting Custom Fields when enrolling certificates with Trust Protection Platform.
- Added support for setting Custom Fields when enrolling certificates with Trust Protection Platform.

## 0.10.0 (September 16, 2020)

Introduced support for Trust Protection Platform Token Authentication ("hashicorp-terraform-by-venafi" API Application).

Added PKCS#12 output format for certificate/key/chain.
- Introduced support for Trust Protection Platform Token Authentication ("hashicorp-terraform-by-venafi" API Application).
- Added PKCS#12 output format for certificate/key/chain.

## 0.9.4 (September 2, 2020)

New release with NO CODE CHANGES (only minor doc updates) to verify new Terraform Registry release process.
- New release with NO CODE CHANGES (only minor doc updates) to verify new Terraform Registry release process.

## 0.9.3 (June 29, 2020)

Enabled Source Application Tagging for Venafi Cloud via new VCert version.
- Enabled Source Application Tagging for Venafi Cloud via new VCert version.

## 0.9.2 (March 13, 2020)

Added Source Application Tagging for Trust Protection Platform.

Update to new vcert version with few bug fixes.
- Added Source Application Tagging for Trust Protection Platform.
- Updated to new vcert version with few bug fixes.

## 0.9.0 (December 18, 2019)

Provider migrated to the Terraform Plugin SDK.
- Provider migrated to the Terraform Plugin SDK.

## 0.8.0 (October 08, 2019)

Initial release under "terraform-provider"
- Initial release under "terraform-provider".
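Review bot: The new 0.19.0 entry in CHANGELOG.md introduces `idp_jwt` alongside `token_url` but does not say that `idp_jwt` carries a credential or how it is meant to be supplied. A line stating whether the attribute is marked sensitive and whether it can be read from an environment variable would help readers keep it out of plain configuration. The entry also says "Venafi as a Service" while the commit title says "TLSPC", so give the mapping once or pick one name. Smaller points in the reformatted entries: 0.16.1 still reads "let an invalid certificate key-pair to be stored" (drop the "to"), `venafi_ssh_certificate` and `venafi_policy` are not backticked although other attribute names now are, and 0.11.1 and 0.11.2 use "Fixing" where the other entries use "Fixed".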
20 changes: 11 additions & 9 deletions Makefile
Expand Up @@ -63,27 +63,29 @@ endif
TERRAFORM_TEST_VERSION := 99.9.9
TERRAFORM_TEST_DIR := terraform.d/plugins/registry.terraform.io/venafi/venafi/$(TERRAFORM_TEST_VERSION)/$(OS_STR)_$(CPU_STR)

GO_LDFLAGS=-ldflags "-X github.com/Venafi/terraform-provider-venafi/venafi.versionString=$(VERSION) -s -w -extldflags '-static'"

os:
@echo $(OS_STRING)

all: build test testacc

#Build
build_dev_dynamic:
env CGO_ENABLED=0 GOOS=$(OS_STR) GOARCH=$(CPU_STR) go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_DIR)/$(OS_STR)/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=$(OS_STR) GOARCH=$(CPU_STR) go build $(GO_LDFLAGS) -a -o $(PLUGIN_DIR)/$(OS_STR)/$(PLUGIN_NAME)_$(VERSION) || exit 1

build_dev:
env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_DIR)/linux/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build $(GO_LDFLAGS) -a -o $(PLUGIN_DIR)/linux/$(PLUGIN_NAME)_$(VERSION) || exit 1

build:
env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_DIR)/linux/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=linux GOARCH=386 go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_DIR)/linux86/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_DIR)/darwin/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_DIR)/darwin_arm/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build $(GO_LDFLAGS) -a -o $(PLUGIN_DIR)/linux/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=linux GOARCH=386 go build $(GO_LDFLAGS) -a -o $(PLUGIN_DIR)/linux86/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build $(GO_LDFLAGS) -a -o $(PLUGIN_DIR)/darwin/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build $(GO_LDFLAGS) -a -o $(PLUGIN_DIR)/darwin_arm/$(PLUGIN_NAME)_$(VERSION) || exit 1
#Build with debugging options, use it for remote debugging. Comment the above line
#env CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build '-gcflags="all=-N -l" -extldflags "-static"' -a -o $(PLUGIN_DIR)/darwin/$(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_DIR)/windows/$(PLUGIN_NAME)_$(VERSION).exe || exit 1
env CGO_ENABLED=0 GOOS=windows GOARCH=386 go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_DIR)/windows86/$(PLUGIN_NAME)_$(VERSION).exe || exit 1
env CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build $(GO_LDFLAGS) -a -o $(PLUGIN_DIR)/windows/$(PLUGIN_NAME)_$(VERSION).exe || exit 1
env CGO_ENABLED=0 GOOS=windows GOARCH=386 go build $(GO_LDFLAGS) -a -o $(PLUGIN_DIR)/windows86/$(PLUGIN_NAME)_$(VERSION).exe || exit 1
chmod +x $(PLUGIN_DIR)/*

compress:
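Review bot: The `-X github.com/Venafi/terraform-provider-venafi/venafi.versionString=$(VERSION)` flag in the new `GO_LDFLAGS` is silently ignored by the Go linker when the import path or variable name does not match a package-level string variable, so a later rename would produce a binary with the compiled-in default and no build error. If this is the value behind the User-Agent described in the 0.19.0 changelog entry, consider a unit test or post-build check that the binary reports `$(VERSION)`, and confirm that an empty `VERSION` fails the build rather than yielding an empty version string. `GO_LDFLAGS` is declared with `=` while the neighbouring `TERRAFORM_TEST_*` variables use `:=`; using `:=` would keep the file consistent. The commented debug line was not moved to the new variable and, as written, passes `-gcflags` and `-extldflags` inside one quoted argument, so it would not work if uncommented. The `os` target echoes `$(OS_STRING)` while the rest of the hunk uses `$(OS_STR)`; worth confirming that variable is defined.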
Expand Down Expand Up @@ -120,7 +122,7 @@ clean:

dev: clean fmtcheck
go test ./...
env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags '-s -w -extldflags "-static"' -a -o $(PLUGIN_NAME)_$(VERSION) || exit 1
env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build $(GO_LDFLAGS) -a -o $(PLUGIN_NAME)_$(VERSION) || exit 1
terraform init

test: fmtcheck linter test_go testacc test_e2e
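Review bot: The `dev` target still hard-codes `GOOS=linux GOARCH=amd64` and then runs `terraform init` on the local machine, so on a non-Linux or non-amd64 host the freshly built plugin is not the one Terraform can load. `build_dev_dynamic` in the same Makefile already uses `GOOS=$(OS_STR) GOARCH=$(CPU_STR)`; using the same pair here, or making `dev` depend on that target, would also remove the third copy of the `go build $(GO_LDFLAGS) -a -o ...` command.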